35 – East-West Endpoint localization with LISP IGP Assist

East-West Communication Intra and Inter-sites

For the following scenario, subnets are stretched across multiple locations using a Layer 2 DCI solution. There are several use cases that require LAN extension between multiple sites, such as Live migration, Health-check probing for HA cluster (heartbeat), Operational Cost containment such as migration of Mainframes, etc.  It is assumed that due to long distances between sites, the network services are duplicated and active on each of the sites. This option allows the use of local network services such as default gateways, load balancer’s and security engines distributed across each location, helps reduce server to server communication latency (East-West work flows).

Traditionally, an IP address uses a unique identifier assigned to a specific network entity such as physical system, virtual machine or firewall, default gateway, etc. The routed WAN uses the identifier to also determine the network entity’s location in the IP subnet. When a Virtual Machine migrates from one data center to another, the traditional IP address schema retains its original unique identifier and location, although the physical location has actually changed. As a result, the extended VLAN must share the same subnet so that the TCP/IP parameters of the VM remain the same from site Continue reading

LSA issue @ January 23, 2017 at 10:41AM

It is always tempting and interesting to see how big guys do their networks. We saw some pieces from Google, Facebook, Amazon, LinkedIn and now Twitter comes. Big 5 is all set! Last week engineering force at Twitter released an article titled ""The Infrastructure Behind Twitter: Scale"" [1]. The article starts off with networking field

Samsung blames batteries from two makers for Note7 explosions

Samsung Electronics on Monday blamed batteries supplied by two manufacturers for the overheating and even explosions of some Galaxy Note7 phones, as it tried to provide a long due explanation for the issues surrounding the smartphone.The announcement by the company, a day ahead of it reporting its fourth quarter results, had experts from TUV Rheinland, Exponent and UL stating that internal manufacturing and design defects of the batteries, including missing insulating tape in some cases, and not the design of the phones were responsible for the battery issues.The negative electrode windings in the battery of an unnamed “manufacturer A,” who first supplied the batteries for the Note7 phones, were found in some cases to be damaged and bent over because the cell pouch did not provide enough volume to accommodate the battery assembly, said Kevin White, Exponent’s principal scientist, at a press conference that was webcast.To read this article in full or to leave a comment, please click here

Samsung blames batteries from two makers for Note7 smartphone explosions

Samsung Electronics on Monday blamed batteries supplied by two manufacturers for the overheating and even explosions of some Galaxy Note7 phones, as it tried to provide a long due explanation for the issues surrounding the smartphone.The announcement by the company, a day ahead of it reporting its fourth quarter results, had experts from TUV Rheinland, Exponent and UL stating that internal manufacturing and design defects of the batteries, including missing insulating tape in some cases, and not the design of the phones were responsible for the battery issues.MORE: Our Interactive Samsung Note7 Phenomenal Phablet Flame-Out TimelineTo read this article in full or to leave a comment, please click here

AWS Details FPGA Rationale and Market Trajectory

At the end of 2016, Amazon Web Services announced it would be making high-end Xilinx FPGAs available via a cloud delivery model, beginning first in a developer preview mode before branching with higher-level tools to help potential new users onboard and experiment with FPGA acceleration as the year rolls on.

As Deepak Singh, General Manager for the Container and HPC division within AWS tells The Next Platform, the application areas where the most growth is expected for cloud-based FPGAs are many of the same we detailed in our recent book, FPGA Frontiers: New Applications in Reconfigurable Computing. These

AWS Details FPGA Rationale and Market Trajectory was written by Nicole Hemsoth at The Next Platform.

Admin of anonymous, Tor-friendly email service has electronics seized at U.S. border

If you live outside the U.S. and run an anonymous, Tor-friendly email service—such as one used by 4chan and 8chan—sadly, it’s a pretty decent bet you will experience some drama when entering the U.S. At least that was the case for Vincent Canfield as he was detained by U.S. Customs and Border Protection and had all of his electronics seized by the agency. He is originally from the U.S., but he currently resides in Romania.Canfield, the admin of the cock.li e-mail hosting service, came to vacation in the U.S. after attending the 33rd Chaos Communication Congress held in Germany in December. He claims CBP detained him for over three hours, asking “lots of strange” and “some offensive questions” about his personal life. He refused to comply and instead gave them his attorney’s contact information. Agents allegedly demanded he decrypt his phone so they could “make sure there isn't any bad stuff on there.” Again, he refused, so CPB seized the 14 electronic devices Canfield had with him.To read this article in full or to leave a comment, please click here

Admin of anonymous, Tor-friendly email service has electronics seized at U.S. border

If you live outside the U.S. and run an anonymous, Tor-friendly email service—such as one used by 4chan and 8chan—sadly, it’s a pretty decent bet you will experience some drama when entering the U.S. At least that was the case for Vincent Canfield as he was detained by U.S. Customs and Border Protection and had all of his electronics seized by the agency. He is originally from the U.S., but he currently resides in Romania.Canfield, the admin of the cock.li e-mail hosting service, came to vacation in the U.S. after attending the 33rd Chaos Communication Congress held in Germany in December. He claims CBP detained him for over three hours, asking “lots of strange” and “some offensive questions” about his personal life. He refused to comply and instead gave them his attorney’s contact information. Agents allegedly demanded he decrypt his phone so they could “make sure there isn't any bad stuff on there.” Again, he refused, so CPB seized the 14 electronic devices Canfield had with him.To read this article in full or to leave a comment, please click here

Admin of anonymous, Tor-friendly email service has electronics seized at US border

If you don’t live in the US and run an anonymous, Tor-friendly email service – such as one used by 4chan and 8chan – sadly, it’s a pretty decent bet that you would experience some drama when entering the US. At least that was the case for Vincent Canfield as he was detained by US Customs and Border Protection and had all of his electronics seized by the agency. He is originally from the US, but currently resides in Romania.Canfield, the admin of the cock.li e-mail hosting service, came to vacation in the US after attending the 33rd Chaos Communication Congress held in Germany during December. He claims CBP detained him for over three hours, asking “lots of strange” and “some offensive questions” about his personal life. He refused to comply and instead gave them his attorney’s contact information. Agents allegedly demanded that he decrypt his phone so they could “make sure there isn't any bad stuff on there.” Again he refused, so CPB seized the 14 electronic devices that Canfield had with him.To read this article in full or to leave a comment, please click here

Admin of anonymous, Tor-friendly email service has electronics seized at US border

If you don’t live in the US and run an anonymous, Tor-friendly email service – such as one used by 4chan and 8chan – sadly, it’s a pretty decent bet that you would experience some drama when entering the US. At least that was the case for Vincent Canfield as he was detained by US Customs and Border Protection and had all of his electronics seized by the agency. He is originally from the US, but currently resides in Romania.Canfield, the admin of the cock.li e-mail hosting service, came to vacation in the US after attending the 33rd Chaos Communication Congress held in Germany during December. He claims CBP detained him for over three hours, asking “lots of strange” and “some offensive questions” about his personal life. He refused to comply and instead gave them his attorney’s contact information. Agents allegedly demanded that he decrypt his phone so they could “make sure there isn't any bad stuff on there.” Again he refused, so CPB seized the 14 electronic devices that Canfield had with him.To read this article in full or to leave a comment, please click here

BSC’s Mont Blanc 3 Puts ARM Inside Bull Sequana Supers

The HPC industry has been waiting a long time for the ARM ecosystem to mature enough to yield real-world clusters, with hundreds or thousands of nodes and running a full software stack, as a credible alternative to clusters based on X86 processors. But the wait is almost over, particularly if the Mont-Blanc 3 system that will be installed by the Barcelona Supercomputer Center is any indication.

BSC has been shy about trying new architectures in its clusters, and the original Mare Nostrum super that was installed a decade ago and that ranked fifth on the Top 500 list when it

BSC’s Mont Blanc 3 Puts ARM Inside Bull Sequana Supers was written by Timothy Prickett Morgan at The Next Platform.

Reading Tech Books Via The All-At-Once Method

I was recently asked by a friend to read and review a book his publisher had just released. This was a technical book on a topic I was keenly interested in, so I was happy to oblige.

I tackled the book in the way that I normally tackle technical books — a chapter a day, or maybe two chapters in a day. Technical books aren’t recreational fiction for me. I want to grasp the contents of technical books to best make use of the information. This often leads to slow reading. I mull over paragraphs and digest.

This time, I broke that habit. I wanted to get this book done quickly. I wanted the information immediately. I didn’t want to take a few weeks to get through it. Thus, I tried reading the book all at once.

Surprisingly, this worked out well. I ended up getting through the book in four sittings, which perhaps doesn’t sound like “all at once.” Bear with me. The first sitting was a single chapter. The second sitting was a single chapter. Then came the holidays and a complete disruption to my workflow. And then came the epiphany as I stared at the book post-holidays. Continue reading

25% off YETI Hopper 20 Portable Cooler – Deal Alert

The YETI Hopper 20 ice-for-days portable cooler and is tough as nails so it can be hauled anywhere you want to take it.  It features a DryHide Shell and nearly indestructible straps will stand up to an abundance of abuse in the field.  It's HydroLok Zipper is completely leakproof, eliminating spills and locking in cold.  It can hold 18 cans, a limit of rainbow trout, or 20 pounds of ice.  The YETI Hopper 20 is currently selling at the discounted price of $225, a good deal considering its $299.95 list price. See this high-end portable cooler now on Amazon. To read this article in full or to leave a comment, please click here

34% off SanDisk Connect Wireless Stick 200GB – Deal Alert

The SanDisk Connect wireless stick is a flash drive with a unique twist -- you can access it wirelessly. Whether it's in your pants pocket, in your bag, or on the picnic table at your campsite, the Connect wireless stick lets you stream media or move files wirelessly with up to three computers, phones or tablets simultaneously. Connections are made via built-in wifi (think "hotspot"), so no external wireless or internet services are needed. A USB connection is also available, if desired. Storage on this model is a generous 200GB. Reviewers on Amazon report at least 8-10 hours of battery life on one charge. This model is currently discounted 34%, from $119.99 down to $78.95. See it now on Amazon.To read this article in full or to leave a comment, please click here

34% off SanDisk Connect Wireless Stick 200GB – Deal Alert

The SanDisk Connect wireless stick is a flash drive with a unique twist -- you can access it wirelessly. Whether it's in your pants pocket, in your bag, or on the picnic table at your campsite, the Connect wireless stick lets you stream media or move files wirelessly with up to three computers, phones or tablets simultaneously. Connections are made via built-in wifi (think "hotspot"), so no external wireless or internet services are needed. A USB connection is also available, if desired. Storage on this model is a generous 200GB. Reviewers on Amazon report at least 8-10 hours of battery life on one charge. This model is currently discounted 34%, from $119.99 down to $78.95. See it now on Amazon.To read this article in full or to leave a comment, please click here

Syslog-ng Configuration For Newbies

Some time ago I was asked by my friend to recommend a cost-free solution that he could use for storing logs of his security device over network. The Linux OS with installed syslog-ng is perfectly suitable for this job because it can collect logs from any source, process them in near real-time and deliver them to a wide variety of destinations. However it was challenge to explain all the steps in an easy manner as he was a total newbie in a Linux world. For this reason I wrote a basic installation and configuration manual for him which I share with you. The manual helps you to setup syslog-ng on Ubuntu server and troubleshoot the possible issues.

1. Install Ubuntu 16.04 Server Edition

During Ubuntu installation you are asked to provide the username/password and IP settings. Once an installation process finishes, the system is rebooted. when you get your console again, login and install updates with the command:

$ sudo su
# apt-get update
# apt-get upgrade

2. Install and Configure Syslog-ng

# apt-get install syslog-ng

First, you need to download a simple configuration file that I created for you.

# cd /etc/syslog-ng/conf.d
# wget http://brezular.com/wp-content/uploads/2016/12/firewals.conf_.txt -O firewals.conf
# Continue reading

Lavabit developer has a new encrypted, end-to-end email protocol

The developer behind Lavabit, an email service that noted leaker Edward Snowden used, is releasing source code for an open-source end-to-end encrypted email standard that promises surveillance-proof messaging. The code for the Dark Internet Mail Environment (DIME) standard will become available on Github, along with an associated mail server program, said its developer Ladar Levison on Friday. DIME will work across different service providers and perhaps crucially will be "flexible enough to allow users to continue using their email without a Ph.D. in cryptology," said Levison. To coincide with its launch, Levison is also reviving Lavabit. The encrypted email service shut down in 2013 when federal agents investigating Snowden demanded access to email messages of his 410,000 customers, including their private encryption keys.To read this article in full or to leave a comment, please click here

Lavabit developer has a new encrypted, end-to-end email protocol

The developer behind Lavabit, an email service that noted leaker Edward Snowden used, is releasing source code for an open-source end-to-end encrypted email standard that promises surveillance-proof messaging. The code for the Dark Internet Mail Environment (DIME) standard will become available on Github, along with an associated mail server program, said its developer Ladar Levison on Friday. DIME will work across different service providers and perhaps crucially will be "flexible enough to allow users to continue using their email without a Ph.D. in cryptology," said Levison. To coincide with its launch, Levison is also reviving Lavabit. The encrypted email service shut down in 2013 when federal agents investigating Snowden demanded access to email messages of his 410,000 customers, including their private encryption keys.To read this article in full or to leave a comment, please click here

The command-line, for cybersec

On Twitter I made the mistake of asking people about command-line basics for cybersec professionals. A got a lot of useful responses, which I summarize in this long (5k words) post. It’s mostly driven by the tools I use, with a bit of input from the tweets I got in response to my query.

bash

By command-line this document really means bash.

There are many types of command-line shells. Windows has two, 'cmd.exe' and 'PowerShell'. Unix started with the Bourne shell ‘sh’, and there have been many variations of this over the years, ‘csh’, ‘ksh’, ‘zsh’, ‘tcsh’, etc. When GNU rewrote Unix user-mode software independently, they called their shell “Bourne Again Shell” or “bash” (queue "JSON Bourne" shell jokes here).

Bash is the default shell for Linux and macOS. It’s also available on Windows, as part of their special “Windows Subsystem for Linux”. The windows version of ‘bash’ has become my most used shell.

For Linux IoT devices, BusyBox is the most popular shell. It’s easy to clear, as it includes feature-reduced versions of popular commands.


man

‘Man’ is the command you should not run if you want help for a command.

Man pages are designed to drive away Continue reading
1 2,373 2,374 2,375 2,376 2,377 3,841